Author

Topic: Phoenix miner is compromised (Read 477 times)

full member
Activity: 1424
Merit: 225
March 09, 2021, 11:30:52 AM
#17
Agreed. NH was over the top with their announcement and the internet FUD machine took over.
Has anyone confirmed if NH actually linked to a compromised version of PM?
full member
Activity: 234
Merit: 100
March 09, 2021, 01:02:07 AM
#16
Mega uload took down all mining apps. It was not exclusively phoenix miner. NH had some bs announcement cause they did not know. nh is garbage. With the app developer being anonymous it is impossible to know if any future release is genuinely from the original author. However, I suspect they will announce on bitcointalk.
member
Activity: 368
Merit: 15
March 09, 2021, 12:53:49 AM
#15
I've been using PM for quite sometime and there's nothing faster with Nvidia cards in my opinion.

Each 3090 performs as follows:

Phoenix Miner = 120-121MH/s  

NH Excavator 118-119MH/s

SAME EXACT HARDWARE when mining ETH on NH....

The concerns that NH has expressed over PM seem to be completely unfounded if you use the legitimate version....


Phoenix miner performance is just like Trex miner, even some times I find Trex to me more faster in hashrate than phoenix miner and also very close to NBminer, that Excavator sucks anyways because it drops hashrate, can't be compared to any of those miners I made mention
legendary
Activity: 3248
Merit: 1070
March 08, 2021, 07:05:11 PM
#14
use quickminer instead, it don't rely in 3d party software, but i don't know how to enable the pill with it

Why use software that is slower.  Remember it was NH that was distributing the malware...not PM.  They are blaming PM for thier incompetence.  The mining OS use PM and had no issue with malware...this is all on NH.  

if you can enable the largement pill with it it's not slower

Ill note you have no rebuttal to the fact that NH was founded and run by criminals.....here are the news articles of some of the arrests and illegal dealings.

https://www.coindesk.com/former-nicehash-cto-arrested-in-germany-over-us-hacking-charges

https://www.infosecurity-magazine.com/news/nicehash-cofounder-arrested-in/

From wikipedia article on NH....

NiceHash's founder Matjaž Škorjanc is a creator of malware Mariposa botnet, which infected over 1 million computers with Butterfly (mariposa in Spanish) Bot. The goal of Butterfly Bot was to install itself on an uninfected PC, monitoring activity for passwords, bank credentials and credit cards. Slovenian police arrested Matjaž on charges of distributing the malware in 2010. Matjaž was found guilty and had served four years and ten months in a Slovenian prison. On June 5, 2019, US law enforcement opened a case in the operations of the Mariposa (Butterfly Bot, BFBOT) malware gang.[13] FBI has moved forward with new charges and arrest warrants against four suspects including Matjaž Škorjanc.[14]

Can post more...because its a fact the people behind NH are convicted criminals.


well that's an old news, any proof that the current nicehash team is part of a criminals activity?
full member
Activity: 1275
Merit: 141
March 08, 2021, 04:08:39 PM
#13
use quickminer instead, it don't rely in 3d party software, but i don't know how to enable the pill with it

Why use software that is slower.  Remember it was NH that was distributing the malware...not PM.  They are blaming PM for thier incompetence.  The mining OS use PM and had no issue with malware...this is all on NH. 

if you can enable the largement pill with it it's not slower

Ill note you have no rebuttal to the fact that NH was founded and run by criminals.....here are the news articles of some of the arrests and illegal dealings.

https://www.coindesk.com/former-nicehash-cto-arrested-in-germany-over-us-hacking-charges

https://www.infosecurity-magazine.com/news/nicehash-cofounder-arrested-in/

From wikipedia article on NH....

NiceHash's founder Matjaž Škorjanc is a creator of malware Mariposa botnet, which infected over 1 million computers with Butterfly (mariposa in Spanish) Bot. The goal of Butterfly Bot was to install itself on an uninfected PC, monitoring activity for passwords, bank credentials and credit cards. Slovenian police arrested Matjaž on charges of distributing the malware in 2010. Matjaž was found guilty and had served four years and ten months in a Slovenian prison. On June 5, 2019, US law enforcement opened a case in the operations of the Mariposa (Butterfly Bot, BFBOT) malware gang.[13] FBI has moved forward with new charges and arrest warrants against four suspects including Matjaž Škorjanc.[14]

Can post more...because its a fact the people behind NH are convicted criminals.
full member
Activity: 626
Merit: 159
March 08, 2021, 04:06:27 PM
#12
I've been using PM for quite sometime and there's nothing faster with Nvidia cards in my opinion.

Each 3090 performs as follows:

Phoenix Miner = 120-121MH/s  

NH Excavator 118-119MH/s

SAME EXACT HARDWARE when mining ETH on NH....

The concerns that NH has expressed over PM seem to be completely unfounded if you use the legitimate version....

legendary
Activity: 3248
Merit: 1070
March 08, 2021, 04:03:06 PM
#11
use quickminer instead, it don't rely in 3d party software, but i don't know how to enable the pill with it

Why use software that is slower.  Remember it was NH that was distributing the malware...not PM.  They are blaming PM for thier incompetence.  The mining OS use PM and had no issue with malware...this is all on NH. 

if you can enable the largement pill with it it's not slower
full member
Activity: 1275
Merit: 141
March 08, 2021, 01:29:27 PM
#10
use quickminer instead, it don't rely in 3d party software, but i don't know how to enable the pill with it

Why use software that is slower.  Remember it was NH that was distributing the malware...not PM.  They are blaming PM for thier incompetence.  The mining OS use PM and had no issue with malware...this is all on NH. 
legendary
Activity: 3248
Merit: 1070
March 08, 2021, 01:05:08 PM
#9
use quickminer instead, it don't rely in 3d party software, but i don't know how to enable the pill with it
full member
Activity: 1275
Merit: 141
March 08, 2021, 12:32:28 PM
#8
PM has responded in the PM thread for miner.

I never pulled mine as i know the source...and 5.4c and 5.5c have been running for long times for me with no issue.  Plus the most a hacker could do to a rig was redirect it to his wallet....and that would trip all my monitoring.  Since i only have a thumbdrive and only mining on each rig...there is no system that cant be quickly replaced.  But im careful where i get my mining software and only from the devs official site. 

It appears NH is the blame here...distributing malware.


jr. member
Activity: 43
Merit: 1
March 08, 2021, 08:06:46 AM
#7
Get a hardware wallet - feel safe as a baby.
Hardware wallet has nothing to do with what's been discussed on here, OP is all about the safety of Nicehash pool and people mining on the pool, you can only withdraw from a pool when you reach minimum withdrawal amount, Nicehash was once hacked and many got caught for years

i feel you, but as i understand its the link between NH and PM thats being compromised, therefore if you go straight for PM instead of NH and PM, you can withdraw straight from your choice of pool into your HW wallet, which cant be compromised.
member
Activity: 252
Merit: 12
March 08, 2021, 07:42:57 AM
#6
Get a hardware wallet - feel safe as a baby.
Hardware wallet has nothing to do with what's been discussed on here, OP is all about the safety of Nicehash pool and people mining on the pool, you can only withdraw from a pool when you reach minimum withdrawal amount, Nicehash was once hacked and many got caught for years
jr. member
Activity: 43
Merit: 1
March 08, 2021, 07:34:39 AM
#5
Get a hardware wallet - feel safe as a baby.
member
Activity: 196
Merit: 11
March 08, 2021, 02:51:48 AM
#4
This isn't speculative, NB team are just been more careful and to me they did have good points

1. The Phoenix miner download location changed
2. The control shasum does not match the published value

Let's not forget that Nicehash is a victim to hack in the past, I expect them to be more careful from now on
full member
Activity: 1275
Merit: 141
March 07, 2021, 04:01:21 PM
#3
or perhaps nh grabbed one of the many malicous links supplied at 5.5d.

or perhaps the mega site PM uses had credentials compromised.

Either way seems like nh has been sending compromised miners to users.

I have zero issues with PM but then again i dont keep wallets on rigs either...

I will say PM has been under malware attack for a long time here.
hero member
Activity: 1036
Merit: 606
March 07, 2021, 03:15:42 PM
#2
The NiceHash announcement does not say that. They are simply speculating the DEV has some ulterior motives, with nothing offered to base it on other than they don't like that the DEV is anonymous and they believe the archive hash was changed. Yet, this web archive of the page from February 2nd, 2021 shows the checksums are the same as the ones listed by the DEV in the current page. Without any further proof, it seems like a disinformation campaign to cause distrust. And wouldn't you know it, they just happen to recommend their miner as a replacement!


https://web.archive.org/web/20210214010523/https://bitcointalk.org/index.php?topic=2647654.0
member
Activity: 182
Merit: 14
March 07, 2021, 01:53:03 PM
#1
If you are using Nicehash phoenix miner presently you need to stop using it and switch to another miner in Nicehash software because phoenix miner have been compromised

https://www.nicehash.com/blog/post/stop-using-phoenix-miner-immediately
Jump to: